package com.sinosoft.vaccinetoai.security.shiro;

import com.sinosoft.vaccinetoai.security.model.CustomPrincipal;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/**
 * @author xiazhihao
 * @ClassName:
 * @ClassNameExplain:
 * @Description: xiazhihao
 * @date 2025/5/31 0:58
 */
@Slf4j
public class SSORealm extends AuthorizingRealm {


    //继续添加二次处理授权信息
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return new SimpleAuthorizationInfo();
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        SSOAuthenticationToken credentials = (SSOAuthenticationToken)token;
        CustomPrincipal principal = new CustomPrincipal();
        String ssoToken = credentials.getToken();
        log.info("ssoToken登录 = " + ssoToken);
        if (ssoToken == null){
            return null;
        }
        //todo redis验证 且解析出clientId
        principal.setUserId(1L);
        principal.setOrgSSO(ssoToken);
        //凭证对比
        return new SimpleAuthenticationInfo(principal,null,getClass().getName());
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof SSOAuthenticationToken;
    }
}
